
I need some help to understand this DLL code a friend gave me.


#1
Exempt

What this does is hook the decrypt method inside a game called Xenimus and read the packets that the game receives. I'm pretty new to DLLs and hooking, so I was wondering if someone could inform me on how this would be implemented into my code and how to read the information that this DLL gathers from the data. The main goal here is to get item information on the ground so I know exactly where good items drop.

Edit: I forgot to mention it uses an include called detours.h. I looked that up and stuff, but that is something I've never heard of till this.


#include "windows.h"

#include "detours.h"


#include <cctype>
#include <cstdio>
#include <cstring>


// Function-pointer types for the two routines being intercepted. Both use the
// __thiscall convention with the object pointer passed as pthis, followed by
// the packet buffer and its length in bytes; both return an int.
typedef int (__thiscall* DecryptCall)(void* pthis, unsigned char* buffer, int length);

typedef int (__thiscall* EncryptCall)(void* pthis, unsigned char* buffer, int length);


// Pointers to the original routines, initialised to hard-coded absolute
// addresses. NOTE(review): presumably these are the routines' locations in one
// specific build of the target executable; they would be wrong for any other
// build or if the image is loaded at a different base -- confirm before use.
// DllMain passes the addresses of these variables to DetourAttach, which
// repoints them at the trampolines used to reach the original code.
DecryptCall decrypt = (DecryptCall)0x418F20;

EncryptCall encrypt = (EncryptCall)0x418E50;


// Packet log stream. NULL until DllMain opens it, and it stays NULL if that
// fopen fails, so users of flog must be prepared for a null pointer.
FILE* flog = NULL;


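// Holder for the detour bodies that DllMain attaches to the routines reached
// through `decrypt` and `encrypt`.
//
// No DetouredClass object is ever created: the methods run in place of the
// hooked member functions, so `this` is whatever object the host process
// called them on (it is forwarded unchanged to the original routine). For that
// reason the class must not gain data members or virtual functions.
//
// Because the hooks sit on the plaintext side of the encrypt/decrypt pair,
// they see the packet contents in the clear. buffer and len come from the host
// process (and, for the decrypt side, presumably from the network), so every
// length is validated before it is used for allocation or copying.
class DetouredClass
{
public:
	// Detour for the decrypt routine.
	//
	// Calls the original routine first, then logs the resulting buffer as a
	// "S -> C" record unless its first byte is 0x49.
	//
	// buffer  packet bytes, modified in place by the original routine
	// len     number of bytes in buffer
	// returns the original routine's return value, unchanged
	int DetourDecrypt(unsigned char* buffer, int len)
	{
		// Run the original routine before looking at the buffer contents.
		int decryptres = decrypt(this, buffer, len);

		// Without at least one byte there is no opcode to inspect; reading
		// buffer[0] here would be an out-of-bounds access.
		if (buffer == NULL || len < 1)
			return decryptres;

		// Packets with opcode 0x49 are passed through without being logged.
		if (buffer[0] == 0x49)
			return decryptres;

		LogPacket("S -> C", buffer, len);

		return decryptres;
	}

	// Detour for the encrypt routine.
	//
	// Logs the buffer as a "C -> S" record before the original routine
	// touches it, then forwards the call.
	//
	// buffer  packet bytes about to be processed by the original routine
	// len     number of bytes in buffer
	// returns the original routine's return value, unchanged
	int DetourEncrypt(unsigned char* buffer, int len)
	{
		LogPacket("C -> S", buffer, len);

		return encrypt(this, buffer, len); //dont do anything yet, for later
	}

	// Writes a hex/ASCII dump of sourceLength bytes from pSource to dstFile,
	// 16 bytes per row, framed by a header and a footer line.
	//
	// dstFile       open output stream; a null stream is ignored
	// pSource       bytes to dump
	// sourceLength  number of bytes to dump (0 prints only header and footer)
	// returns 0 in every case
	size_t WriteToFile(FILE *dstFile, const void *pSource, size_t sourceLength)
	{
		// fprintf on a null stream is undefined behaviour, as is reading from
		// a null source.
		if (dstFile == NULL || (pSource == NULL && sourceLength != 0))
			return 0;

		const size_t bytesPerLine = 16;
		const unsigned char *pData = (const unsigned char *)pSource;

		fprintf(dstFile, "|------------------------------------------------|----------------|\r\n");
		fprintf(dstFile, "|00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F |0123456789ABCDEF|\r\n");
		fprintf(dstFile, "|------------------------------------------------|----------------|\r\n");

		for (size_t start = 0; start < sourceLength; start += bytesPerLine)
		{
			// The last row may hold fewer than 16 bytes.
			const size_t remaining = sourceLength - start;
			const size_t written = (remaining < bytesPerLine) ? remaining : bytesPerLine;

			// Hex column, padded so the separator stays aligned.
			fprintf(dstFile, "|");
			for (size_t c = 0; c < written; ++c)
				fprintf(dstFile, "%02X ", (int)pData[start + c]);
			for (size_t c = written; c < bytesPerLine; ++c)
				fprintf(dstFile, "   ");

			// Text column: printable bytes as-is, everything else as '.'.
			fprintf(dstFile, "|");
			for (size_t c = 0; c < written; ++c)
			{
				const unsigned char byte = pData[start + c];
				if (isprint((int)byte))
					fprintf(dstFile, "%c", (int)byte);
				else
					fprintf(dstFile, ".");
			}
			for (size_t c = written; c < bytesPerLine; ++c)
				fprintf(dstFile, " ");

			fprintf(dstFile, "|\r\n");
		}

		fprintf(dstFile, "-------------------------------------------------------------------\r\n");

		return 0;
	}

private:
	// Shared logging path for both detours.
	//
	// The logged record is buffer[0] (the opcode) followed by buffer[2..len-1];
	// buffer[1] is left out, so the record is len - 1 bytes long. The header
	// goes to the console and to flog, the dump to flog only.
	void LogPacket(const char* direction, const unsigned char* buffer, int len)
	{
		if (buffer == NULL || len < 1)
			return;

		// With len == 1 the expression len - 2 is negative and would turn into
		// a huge size_t inside memcpy, so a one-byte packet is logged with an
		// empty dump instead.
		const size_t dumpLength = (len >= 2) ? (size_t)(len - 1) : 0;

		printf("%s: OP %02X, len %u\n", direction, buffer[0], (unsigned int)dumpLength);

		// The log stream is null until DllMain has opened it and stays null
		// when that fopen fails.
		if (flog == NULL)
			return;

		fprintf(flog, "\r\n%s: OP %02X, len %u\r\n", direction, buffer[0], (unsigned int)dumpLength);

		if (dumpLength == 0)
		{
			WriteToFile(flog, buffer, 0);
			return;
		}

		unsigned char* tmpbuf = new unsigned char[dumpLength];
		tmpbuf[0] = buffer[0];
		memcpy(&tmpbuf[1], &buffer[2], dumpLength - 1);

		WriteToFile(flog, tmpbuf, dumpLength);

		delete[] tmpbuf;
	}
};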


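// DLL entry point. On process attach it opens a console, picks an unused log
// file name, opens the log and only then installs the two detours.
//
// The log is opened before the hooks are attached because the detours write
// to flog; attaching first would leave a window in which a hooked call runs
// with a null stream. If the log cannot be opened the hooks are not installed,
// since logging is all they do.
//
// NOTE(review): all of this runs inside DllMain, i.e. under the loader lock,
// where console and file work is discouraged. There is also no
// DLL_PROCESS_DETACH handling, so the hooks are never removed and flog is
// never closed explicitly.
//
// Always returns TRUE.
BOOL APIENTRY DllMain(HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
	if (ul_reason_for_call != DLL_PROCESS_ATTACH)
		return TRUE;

	// Console for the printf output of the detours.
	AllocConsole();

	freopen("CONIN$", "r", stdin);
	freopen("CONOUT$", "w", stdout);
	freopen("CONOUT$", "w", stderr);

	SetConsoleTitle("TestWindow");

	// Remove the close entry from the console's system menu.
	HWND wnd = GetConsoleWindow();
	if (wnd != NULL)
		RemoveMenu(GetSystemMenu(wnd, FALSE), SC_CLOSE, MF_BYCOMMAND);

	// Probe Log.txt, Log1.txt, Log2.txt, ... and keep the first name that
	// cannot be opened for reading. The longest possible name is
	// "Log4294967295.txt", far below the buffer size.
	char logfile[1024] = "Log.txt";
	unsigned int ext = 0;

	for (;;)
	{
		FILE* f = fopen(logfile, "rb");
		if (f == NULL)
			break;
		fclose(f);

		++ext;
		sprintf(logfile, "Log%u.txt", ext);
	}

	flog = fopen(logfile, "wb");
	if (flog == NULL)
	{
		printf("Could not open %s for writing, hooks not installed\n", logfile);
		return TRUE;
	}

	// Install both detours in one transaction.
	DetourTransactionBegin();
	DetourUpdateThread(GetCurrentThread());

	DetourAttach((PVOID*)&decrypt, (PVOID)(&(PVOID&)DetouredClass::DetourDecrypt));
	DetourAttach((PVOID*)&encrypt, (PVOID)(&(PVOID&)DetouredClass::DetourEncrypt));

	LONG l = DetourTransactionCommit();
	if (l != NO_ERROR)
		printf("DetourTransactionCommit failed with error %ld\n", l);

	return TRUE;
}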




